AWS launches its own security service with Amazon GuardDuty

Amazon Web Services (AWS) introduced a fully managed intelligent threat detection service for protecting their AWS accounts and workloads by continuously monitoring account activity for malicious or unauthorized behavior.

Amazon GuardDuty continuously applies machine learning to identify any events that fall outside the normal patterns. AWS said it is using both proprietary, AWS-developed threat intelligence sources and industry-leading third-party sources.

Amazon GuardDuty can send all findings to AWS CloudWatch Events and supports API endpoints through the AWS SDK, allowing for interoperability with third-party solutions such as Alert Logic, Evident.io, Palo Alto Networks, Rapid7, Redlock, Splunk, Sumo Logic, and Trend Micro.

“Customers often tell us that the best way we can help them stay secure is to give them smarter tools that make it easier to get security right,” said Stephen Schmidt, Chief Information Security Officer, Amazon Web Services. “We designed Amazon GuardDuty to be so simple and cost effective that turning it on would be an easy choice for every AWS customer, regardless of their security expertise or the existing security services they use. Amazon GuardDuty intelligently identifies hard-to-detect threats that might slip through the cracks of other security products and easily scales to meet the needs of any organization, whether they have two AWS accounts or two thousand.”